Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[Backport 1.3] [CVE-2021-3765][1.x] bump validator from 8.2.0 to 13.9…
….0 (#3753) * [CVE-2021-3765][1.x] bump validator from 8.2.0 to 13.9.0 (#3725) validator.js prior to 13.7.0 is vulnerable to Inefficient Regular Expression Complexity. 1.x is using "[email protected]". Main has been bumped to 13.7.0 via PR #1106. The solution is to backport it on 1.x. Backport PR: #1106 Issue Resolved: #1063 Signed-off-by: Anan Zhuang <[email protected]> Co-authored-by: Josh Romero <[email protected]> (cherry picked from commit 53ae3cf) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> # Conflicts: # CHANGELOG.md * add changelog Signed-off-by: Josh Romero <[email protected]> --------- Signed-off-by: Josh Romero <[email protected]> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Josh Romero <[email protected]> Co-authored-by: Anan Zhuang <[email protected]>
- Loading branch information